<?php
$conn = mysqli_connect("localhost", "root", "", "taxi");
if (!$conn) {
    die("Ошибка: " . mysqli_connect_error());
}
?>
<!DOCTYPE html>
<html>
	<head>
		<!-- Mobile Specific Meta -->
		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
		<!-- Favicon-->
		<link rel="shortcut icon" href="img/fav.png">
		<!-- Author Meta -->
		<meta name="author" content="colorlib">
		<!-- Meta Description -->
		<meta name="description" content="">
		<!-- Meta Keyword -->
		<meta name="keywords" content="">
		<!-- meta character set -->
		<meta charset="UTF-8">
		<!-- Site Title -->
		<title>Taxi</title>

		<link href="https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700" rel="stylesheet"> 
			<!--
			CSS
			============================================= -->
			<link rel="stylesheet" href="css/linearicons.css">
			<link rel="stylesheet" href="css/font-awesome.min.css">
			<link rel="stylesheet" href="css/bootstrap.css">
			<link rel="stylesheet" href="css/magnific-popup.css">
			<link rel="stylesheet" href="css/nice-select.css">							
			<link rel="stylesheet" href="css/animate.min.css">
			<link rel="stylesheet" href="css/jquery-ui.css">			
			<link rel="stylesheet" href="css/main.css">
			
		</head>
<body>
<?php
// если запрос GET
if($_SERVER["REQUEST_METHOD"] === "GET" && isset($_GET["id"]))
{
    $userid = mysqli_real_escape_string($conn, $_GET["id"]);
    $sql = "SELECT * FROM zakazi WHERE id_zakaz = '$userid'";
    if($result = mysqli_query($conn, $sql)){
        if(mysqli_num_rows($result) > 0){
            foreach($result as $row){
                $name_zakaz = $row["name_zakaz"];
				$email_zakaz = $row["email_zakaz"];
				$phone_zakaz = $row["phone_zakaz"];
				$auto_zakaz = $row["auto_zakaz"];
				$ot_zalaz = $row["ot_zalaz"];
				$kuda_zakaz = $row["kuda_zakaz"];
				$date_zakaz = $row["date_zakaz"];
                $time_zakaz = $row["time_zakaz"];
            }
            echo "<div class='container'>
			<h3>Редактирование записи</h3>
                <form method='post' enctype = 'multipart/form-data'>
					<div class='row'>
                    <input type='hidden' name='id_zakaz' value='$userid'/>
                    <p>Имя:
                    <br><input type='text' name='name_zakaz' value='$name_zakaz'/></p>
                    <p>Email:
                    <br><input type='text' name='email_zakaz' value='$email_zakaz'/></p>
					<p>Телефон:
                    <br><input type='text' name='phone_zakaz' value='$phone_zakaz'/></p>
					<p>Авто:
                    <br><input type='text' name='auto_zakaz' value='$auto_zakaz'/></p>
				    <p>От куда:
                    <br><input type='text' name='ot_zalaz' value='$ot_zalaz'/></p>
				    <p>Куда:
                    <br><input type='text' name='kuda_zakaz' value='$kuda_zakaz'/></p>
					<p>Дата:
                    <br><input type='text' name='date_zakaz' value='$date_zakaz'/></p>
					<p>Время:
                    <br><input type='text' name='time_zakaz' value='$time_zakaz'/></p>
                    <br><input type='submit' value='Сохранить' class='btn'>
				</form>
				<br><a class='btn' href='lk.php' style='padding-top: 15px;'>Назад</a>
				</div>
				</div>";
        }
        else{
            echo "<div>Пользователь не найден</div>";
        }
        mysqli_free_result($result);
    } else{
        echo "Ошибка: " . mysqli_error($conn);
    }
}
elseif (isset($_POST["id_zakaz"]) && isset($_POST["name_zakaz"]) && isset($_POST["email_zakaz"]) && isset($_POST["phone_zakaz"]) && isset($_POST["auto_zakaz"]) && isset($_POST["ot_zalaz"]) && isset($_POST["kuda_zakaz"]) && isset($_POST["date_zakaz"]) && isset($_POST["time_zakaz"])) {
      
    $userid = mysqli_real_escape_string($conn, $_POST["id_zakaz"]);
    $name_zakaz = mysqli_real_escape_string($conn, $_POST["name_zakaz"]);
    $email_zakaz = mysqli_real_escape_string($conn, $_POST["email_zakaz"]);
	$phone_zakaz = mysqli_real_escape_string($conn, $_POST["phone_zakaz"]);
    $auto_zakaz = mysqli_real_escape_string($conn, $_POST["auto_zakaz"]);
	$ot_zalaz = mysqli_real_escape_string($conn, $_POST["ot_zalaz"]);
    $kuda_zakaz = mysqli_real_escape_string($conn, $_POST["kuda_zakaz"]);
	$date_zakaz = mysqli_real_escape_string($conn, $_POST["date_zakaz"]);
    $time_zakaz = mysqli_real_escape_string($conn, $_POST["time_zakaz"]);
      
    $sql = "UPDATE zakazi SET name_zakaz = '$name_zakaz', email_zakaz = '$email_zakaz', phone_zakaz = '$phone_zakaz', auto_zakaz = '$auto_zakaz', ot_zalaz = '$ot_zalaz', kuda_zakaz = '$kuda_zakaz', date_zakaz = '$date_zakaz', time_zakaz = '$time_zakaz' WHERE id_zakaz = '$userid'";
    if($result = mysqli_query($conn, $sql)){
        header("Location: lk.php");
    } else{
        echo "Ошибка: " . mysqli_error($conn);
    }
}
else{
    echo "Некорректные данные";
}
mysqli_close($conn);
?>
</body>
</html>